Test ID:	1.3.6.1.4.1.25623.1.1.10.2014.0382
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2014-0382)
Summary:	The remote host is missing an update for the 'flash-player-plugin' package(s) announced via the MGASA-2014-0382 advisory.
Description:	Summary: The remote host is missing an update for the 'flash-player-plugin' package(s) announced via the MGASA-2014-0382 advisory. Vulnerability Insight: Adobe Flash Player 11.2.202.406 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. This update resolves memory leakage vulnerabilities that could be used to bypass memory address randomization (CVE-2014-0557). This update resolves a security bypass vulnerability (CVE-2014-0554). This update resolves a use-after-free vulnerability that could lead to code execution (CVE-2014-0553). This update resolves memory corruption vulnerabilities that could lead to code execution (CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, CVE-2014-0555). This update resolves a vulnerability that could be used to bypass the same origin policy (CVE-2014-0548). This update resolves a heap buffer overflow vulnerability that could lead to code execution (CVE-2014-0556, CVE-2014-0559). Affected Software/OS: 'flash-player-plugin' package(s) on Mageia 3, Mageia 4. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0547 BugTraq ID: 69695 http://www.securityfocus.com/bid/69695 http://security.gentoo.org/glsa/glsa-201409-05.xml http://www.securitytracker.com/id/1030822 http://secunia.com/advisories/61089 SuSE Security Announcement: SUSE-SU-2014:1124 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00016.html SuSE Security Announcement: openSUSE-SU-2014:1110 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00006.html SuSE Security Announcement: openSUSE-SU-2014:1130 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00021.html XForce ISS Database: adobe-flash-cve20140547-code-exec(95817) https://exchange.xforce.ibmcloud.com/vulnerabilities/95817 Common Vulnerability Exposure (CVE) ID: CVE-2014-0548 BugTraq ID: 69705 http://www.securityfocus.com/bid/69705 XForce ISS Database: adobe-flash-cve20140548-sec-bypass(95818) https://exchange.xforce.ibmcloud.com/vulnerabilities/95818 Common Vulnerability Exposure (CVE) ID: CVE-2014-0549 BugTraq ID: 69699 http://www.securityfocus.com/bid/69699 XForce ISS Database: adobe-flash-cve20140549-code-exec(95819) https://exchange.xforce.ibmcloud.com/vulnerabilities/95819 Common Vulnerability Exposure (CVE) ID: CVE-2014-0550 BugTraq ID: 69700 http://www.securityfocus.com/bid/69700 XForce ISS Database: adobe-flash-cve20140550-code-exec(95820) https://exchange.xforce.ibmcloud.com/vulnerabilities/95820 Common Vulnerability Exposure (CVE) ID: CVE-2014-0551 BugTraq ID: 69702 http://www.securityfocus.com/bid/69702 XForce ISS Database: adobe-flash-cve20140551-code-exec(95821) https://exchange.xforce.ibmcloud.com/vulnerabilities/95821 Common Vulnerability Exposure (CVE) ID: CVE-2014-0552 BugTraq ID: 69703 http://www.securityfocus.com/bid/69703 XForce ISS Database: adobe-flash-cve20140552-code-exec(95822) https://exchange.xforce.ibmcloud.com/vulnerabilities/95822 Common Vulnerability Exposure (CVE) ID: CVE-2014-0553 BugTraq ID: 69707 http://www.securityfocus.com/bid/69707 XForce ISS Database: adobe-flash-cve20140553-code-exec(95823) https://exchange.xforce.ibmcloud.com/vulnerabilities/95823 Common Vulnerability Exposure (CVE) ID: CVE-2014-0554 BugTraq ID: 69697 http://www.securityfocus.com/bid/69697 XForce ISS Database: adobe-flash-cve20140554-sec-bypass(95824) https://exchange.xforce.ibmcloud.com/vulnerabilities/95824 Common Vulnerability Exposure (CVE) ID: CVE-2014-0555 BugTraq ID: 69706 http://www.securityfocus.com/bid/69706 XForce ISS Database: adobe-flash-cve20140555-code-exec(95825) https://exchange.xforce.ibmcloud.com/vulnerabilities/95825 Common Vulnerability Exposure (CVE) ID: CVE-2014-0556 BugTraq ID: 69696 http://www.securityfocus.com/bid/69696 https://www.exploit-db.com/exploits/36808/ http://googleprojectzero.blogspot.com/2014/09/exploiting-cve-2014-0556-in-flash.html http://packetstormsecurity.com/files/131516/Adobe-Flash-Player-copyPixelsToByteArray-Integer-Overflow.html https://code.google.com/p/google-security-research/issues/detail?id=46 http://www.osvdb.org/111110 XForce ISS Database: adobe-flash-cve20140556-bo(95826) https://exchange.xforce.ibmcloud.com/vulnerabilities/95826 Common Vulnerability Exposure (CVE) ID: CVE-2014-0557 BugTraq ID: 69701 http://www.securityfocus.com/bid/69701 XForce ISS Database: adobe-flash-cve20140557-sec-bypass(95827) https://exchange.xforce.ibmcloud.com/vulnerabilities/95827 Common Vulnerability Exposure (CVE) ID: CVE-2014-0559 BugTraq ID: 69704 http://www.securityfocus.com/bid/69704 XForce ISS Database: adobe-flash-cve20140559-bo(95828) https://exchange.xforce.ibmcloud.com/vulnerabilities/95828
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.